88a684b34e316a156ff617879c91091b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88a684b34e316a156ff617879c91091b_JaffaCakes118
Size

295KB
MD5

88a684b34e316a156ff617879c91091b
SHA1

4a148910c2890d7e69a9e3a6a5453381d389f986
SHA256

ee54d4096838767fd909c4b7b4648e6c6ea81339bd494080540d8b901aa93e92
SHA512

86daecb227f1662ce442c229447026214810e0a21045baf85ac31a71cc9eee23fbf3a7db8ad912ca38647be29291958b74dfadf2e2cd251c6d05f09da6dcaeb4
SSDEEP

6144:BVTc7vTyj0c64tAi2zZ6A3pg3OHoNkj7yE2ROPolYl9:j6Oe4qbUo++7yRa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88a684b34e316a156ff617879c91091b_JaffaCakes118

Files

88a684b34e316a156ff617879c91091b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

669f2f447776cef0993d40b2e9b36eac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EndUpdateResourceA
MoveFileW
InitializeCriticalSection
GetLastError
ExitProcess

user32

SetMenu
SetFocus
InsertMenuW
GetDlgItemTextA
GetDlgItemInt
EqualRect
DdeCmpStringHandles
PackDDElParam

ole32

ComPs_NdrDllGetClassObject
CoGetPSClsid
HMETAFILE_UserUnmarshal

advapi32

SaferRecordEventLogEntry
RegisterEventSourceW

gdi32

CreateICA
GetDIBits
SetBitmapBits
SetDIBColorTable
SetPolyFillMode

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 818B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE